
Scan More Effectively

Now that you’ve successfully scanned your application, ensure the scanner is covering your entire attack surface by completing the following checks:

Secure Your API Endpoints

Most modern web applications rely on one or more APIs for communication between the browser and back-end systems. To effectively scan these APIs, provide the scanner with an API definition. StackHawk supports the following technologies:


REST (OpenAPI)

The OpenAPI Specification (AKA Swagger) is an industry-adopted standard for describing RESTful interfaces, which HawkScan can use to deliver a faster, more thorough scan. If you already have an OpenAPI definition for your REST API, you can add it to your scan configuration by specifying it in your stackhawk.yaml file:

# in the "app" config...
app:
  openApiConf:
    # Specify the path relative to the host
    path: "/openapi.yaml"

If you are working with an internal API or an API without a definition, we’ve compiled some resources on how to generate a definition:

For more information about how to configure HawkScan for your REST API, see HawkScan OpenAPI Configuration.

GraphQL

StackHawk is leading the way in securing GraphQL APIs: our scanner can perform introspection on your GraphQL API to discover the available operations and generate the corresponding routes to test.

Configure GraphQL in HawkScan using the following stackhawk.yaml parameters:

# in the "app" config...
app:
  graphqlConf:
    enabled: true
    schemaPath: /graphql # relative path to the introspection endpoint
    operation: MUTATION
    requestMethod: GET

For more information about how to configure HawkScan for your GraphQL API, see HawkScan GraphQL Configuration.

SOAP

SOAP API schemas use XML to define the structure of their operations. The schema is made available through a WSDL file, which provides a machine-readable description of how the web service works.

Configure SOAP in HawkScan using the following stackhawk.yaml parameters:

# in the "app" config...
app:
  soapConf:
    # Point HawkScan at the SOAP API's WSDL using exactly one of the two keys below.
    # Prefix the path with / to pull the WSDL from the target host...
    path: /soapAPI/v1?wsdl
    # OR... give the path of a local WSDL file
    filePath: soapAPI.wsdl

For more information about how to configure HawkScan for your SOAP API, see HawkScan SOAP API Configuration.

Configure Seed Paths

For paths that can’t be accessed by the HawkScan spider, Seed Paths can be configured in your stackhawk.yaml to ensure HawkScan finds specific endpoints or routes in your application.

Parameter              Default  Description
hawk.spider.seedPaths  []       List of paths to supplement the spider. These paths are used as additional starting points for crawling your application, which is useful for paths that are not crawlable from the root of your application. For example, /admin.

Configuration example:

# in the "hawk.spider" config...
hawk:
  spider:
    seedPaths:
      - "/admin"
      - "/support"

Learn more about configuring HawkScan in HawkScan Configuration.
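As an added example (not StackHawk's own code), the following Python lint checks the stackhawk.yaml settings covered above: the OpenAPI, GraphQL and SOAP definition keys and the spider seed paths. It works on the nested dict that yaml.safe_load() returns for the file, so it needs no extra package; the sample config is constructed here and deliberately contains two mistakes.

```python
# Added example (not StackHawk code): lint the stackhawk.yaml keys this page covers.
# It takes the nested dict that yaml.safe_load() returns, so no extra package is needed.

def _get(cfg, *keys):
    cur = cfg  # walk nested dicts; None if any key is missing
    for k in keys:
        if not isinstance(cur, dict) or k not in cur:
            return None
        cur = cur[k]
    return cur

def lint_config(cfg):
    """Return a list of problems in the API-definition and seed-path settings."""
    problems = []
    # OpenAPI: the definition path is relative to the host, so it must start with "/".
    oa_path = _get(cfg, "app", "openApiConf", "path")
    if oa_path is not None and not str(oa_path).startswith("/"):
        problems.append("app.openApiConf.path should start with '/'")
    # GraphQL: an enabled scan needs the introspection endpoint.
    gql = _get(cfg, "app", "graphqlConf")
    if isinstance(gql, dict) and gql.get("enabled") and not gql.get("schemaPath"):
        problems.append("app.graphqlConf.schemaPath is required when enabled is true")
    # SOAP: exactly one of path (pulled from the host) or filePath (local WSDL).
    soap = _get(cfg, "app", "soapConf")
    if isinstance(soap, dict):
        given = [k for k in ("path", "filePath") if soap.get(k)]
        if len(given) != 1:
            problems.append("app.soapConf needs exactly one of path/filePath, got %s" % (given,))
        if soap.get("path") and not str(soap["path"]).startswith("/"):
            problems.append("app.soapConf.path should start with '/'")
    # Seed paths: a list of host-relative paths the spider starts from.
    seeds = _get(cfg, "hawk", "spider", "seedPaths")
    if seeds is not None and not isinstance(seeds, list):
        problems.append("hawk.spider.seedPaths must be a list")
    for s in seeds if isinstance(seeds, list) else []:
        if not isinstance(s, str) or not s.startswith("/"):
            problems.append("seed path %r should be a string starting with '/'" % (s,))
    return problems

# Constructed sample: the page's examples plus two deliberate mistakes.
SAMPLE = {
    "app": {
        "openApiConf": {"path": "openapi.yaml"},  # mistake: no leading "/"
        "graphqlConf": {"enabled": True, "schemaPath": "/graphql",
                        "operation": "MUTATION", "requestMethod": "GET"},
        "soapConf": {"path": "/soapAPI/v1?wsdl", "filePath": "soapAPI.wsdl"},  # mistake: both
    },
    "hawk": {"spider": {"seedPaths": ["/admin", "/support"]}},
}
```

Running lint_config(SAMPLE) reports the OpenAPI path and the doubled SOAP keys; run it on your real file after yaml.safe_load() to catch the same mistakes before a scan.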